To develop a lib with SSO on twitter - twitter

I want to develop a lib for twitter which can achieve SSO and can display the name of app which uses this lib during APP authorization.
I know you can do this in apple using twitter framework, but I want to do this in Non-Apple platforms.
Any ideas please?

You could do this leveraging the OAuth capabilities available from Twitter. You could leverage a user's Web session if they are already signed in to twitter.com. See: https://dev.twitter.com/docs/auth
Any native (mobile) application SSO capabilities would depend on what the Twitter native application makes available. I'm not aware of any - but Facebook does offer such features: https://www.facebook.com/help/mobile/singlesignon

Related

React Native MSAL - SSO does not work from Native to Web - iOS

We are developing two new react native apps, and need to integrate Azure AD authentication at both the places. We also have existing web apps that are Azure AD enabled and the user can open the web links from our (new) native apps.
We have decided to use MSAL library (react-native-msal) to implement the authentication part mainly to support SSO between the native apps + the web apps that we open in the Safari browser.
We have followed all the steps that the react-native-msal library suggests and are able to achieve SSO between the two native apps.
However, when I login to one native app, and try to open the web app link using react linking, the web app prompts for the login credentials.
Note:
For authenticating user through native app, we are using "Authentication Session" with "prefersEphemeralWebBrowserSession = false" which ideally should share the SSO cookies with the Safari browser.
But clearly, this does not seem to work.
I would like to get some understanding on this problem and find out if others are facing this issue too? or is it just us?
In this case you need a preferred user token and send it along with the login request. For capturing the details of the user at the same time I suggest storing the details in the domain wide cookies that is known for all applications.
// Store the user details after login
document.cookie = "msal_details=Paul#xyz-corp.com;domain=.xyz-corp.com;path=/"
// use the user details
var user = getCookieByName("msal_username"); 
  userAgentApplication.loginRedirect(scopes, "&login_hint=" + user);
Lastly, you would need to implement this in your application.
Well, it turns out to be a problem with the simulator. This functionality works only on the physical devices (iPhone/iPad) and not on the simulators.
This should have been documented in the react-native-msal's document though.

Is it possible to integrate the Facebook login without using the iOS SDK?

Currently i am using the Facebook SDK to implement the Facebook login to our native iOS application. For this i am using the native iOS SDK for Facebook. This application is both for mobile and web, so is it possible to integrate Facebook login without using the SDK from application side. I mean authentication done fully through API and server side.
Please have a suggestion.
I referred to a SO link:
Design for Facebook authentication in an iOS app that also accesses a secured web service
Sure! You can always use their API directly, which essentially is the same as they do with the SDK.
Check out the documentation on the following link.
https://developers.facebook.com/docs/facebook-login/manually-build-a-login-flow

Single Sign On authentication in IOS requires LinkedIn App

We've migrated to the latest LinkedIn IOS SDK which only supports single sign-on (SSO) authentication, in conjunction with the official LinkedIn mobile application. Our app works really well with this, however Apple will not approve our latest version, because it requires the LinkedIn app to be installed for the authentication to work.
We need a solution which handles the scenario when the LinkedIn app is not present, to use web authentication, however LinkedIn are very specific stating Mobile SDK-enabled applications require the official LinkedIn iOS app to be installed on the device to function properly" https://developer.linkedin.com/docs/ios-sdk - The Mobile SDK was released in July, so presume we are not alone in having our app rejected by Apple approvals.
Could you test for the presence of the linked-in app:
if it is not there: implement OAuth2 directly through your app
if it is there: use it or your OAuth2 implementation (which you'd probably err on the side of using their app for the link-ability between any features of the app you may need in yours).
Thereby avoiding the REQUIREMENT to have the app installed.
Researching for this I did find:
Mobile vs server-side access tokens
Presently, there is no mechanism available to exchange them. If you
require tokens that can be used in both the mobile and server-side
environment, you will need to implement a traditional OAuth 2.0
solution within your iOS environment to acquire tokens that can be
leveraged in both situations.
from: https://developer.linkedin.com/docs/ios-sdk-auth
which suggests that authentication away from the app is supported.
Pleased to confirm that the solution kindly suggested by Madivad of using the new LinkedIn SDK if the LinkedIn app is installed and when it's not reverting to traditional OAuth 2.0 works fine. Apple are also back on our Christmas card list as they approved this latest version today within 40 minutes of submission:) Thanks Madivad for helping out with this.

use titanium appcelerator user as oauth for third party applications

I have a appcelerator titanium app, and I would like to use the same users and password for other apps, not related to appcelerator ACS or titanium, the question is: can I use appcelerator ACS as oauth for other applications?
I'm not familiar with ACS to much but from documentation I can find below:
it is not proffered as the ACS mention in its documentation
Your app must prove that it is allowed to talk to ACS. This keeps your
data secure by preventing anyone from making requests to ACS that
impersonate your app.
but you can create new app with new client-id as in ACS mention that:
You can integrate ACS into your application using the REST API, the
Titanium SDK, or the ACS native iOS and Android SDKs.
http://docs.appcelerator.com/cloud/latest/#!/guide/acs_quickstart
http://docs.appcelerator.com/cloud/latest/#!/guide/acs_authentication

This application will not be accessible on iOS unless SSO is configured

I've received the following restriction on a mobile web app which doesn't make any sense as SSO only applies to native apps..
"This application will not be accessible on iOS unless SSO is configured"
How do I resolve this problem?
You need to configure SSO for your native app using the Instructions for SSO in section 3 of the iOS SDK documentation - once you've done that the app will be accessible as normal.
If the app doesn't have a native iOS version, your app is probably restricted from being accessed from inside Facebook's native app due to not complying with Apple's policies about iOS-approved payment methods.
You'd need to take it up with your lawyers or Facebook's policy team if that's the case - all i can answer here is the info on how to enable SSO for your native app if applicable

Resources